IT Security and CERT

Case Study: Olympic Games

References:
International Patent by Peter Stavroulakis, PCT GR2006/000038, “Secure Communications using Chaotic and Interference Reduction Techniques”

Other applicable publications of Stavroulakis, P.:
(1) “Chaos Applications in Telecommunications”, Taylor and Francis, 2006.
(2) “Interference Analysis of Communication Systems”, IEEE Press, 1980.
(3) “Interference Analysis and Reduction for Wireless Systems”, Artech House, 2003.
(4) Guest Editor, “Special Issue of International Journal of Satellite Communications and Networking”, John Wiley, January-February 2003.
(5) “Wireless Local Loops, Theory and Application”, New York, John Wiley, 2001.
(6) “Reliability, Survivability and Quality of Large Scale Telecom Systems. Case Study: Olympic Games”.
(7) “TETRA - A Global Security Tool”, to be published by Springer in March 2007.
(8) Special Issue of China Communications Journal on Communications and Information Security.

Post on 15-Aug-2020

Modern Global Revolutions

• Industrial (1900-1950)
• Electronic (Transistor) (1950-1990)
• Information (1990-)

Hence the lubricant (information) which drives the modern global machine must be protected.

WHAT IS SECURITY

Security is the protection of information, systems and services against disasters, mistakes and manipulation so that the likelihood and impact of security incidents is minimized or eliminated.

It is comprised of

1) Confidentiality

2) Integrity

3) Availability

4) Legal Compliance

SECURITY MECHANISMS

Physical Security

1) Buildings

2) Data Transport

3) Backups

4) Laptops

5) Peripherals etc.

Cryptography/Encryption (Key Management)

Authentication

Access Control

1) Confidentiality

2) Integrity

1) Passwords

2) Firewalls (packet filters), mainly OSI model

DATABASE + TRANSACTION MONITORS

Distributed Transaction Processing (DTP): open standard for Online Transaction Processing (OLTP)

AP: Application

RM: Resource Manager (front end of database)

TM: Transaction Manager

OPERATING SYSTEMS (OS)

Trusted Computer System Evaluation Criteria (TCSEC)

Information Technology Security Evaluation Criteria (ITSEC)

Trust Technology Assessment Program (TTAP)

IT - Definition

“Information Technology is the use of hardware, software, services, and supporting infrastructure to manage and deliver information.”

Types of Computer Networks

Categorizing networks according to size:

DAN / PAN (Desk or Personal Area Networks)

LAN (Local Area Network)

MAN (Metropolitan Area Network)

WAN (Wide Area Network)

Internet

Categorizing computer networks according to transmission medium:

• Wired:
  L1: twisted pair, coaxial, fiber …
  L2: IEEE 802.3,4,5, SLIP, PPP …

• Wireless:
  L1: infrared, RF, microwave …
  L2: IEEE 802.11, Bluetooth, mobile

The OSI model

Typical network devices

Hub: A device that repeats or broadcasts the network stream of information to individual nodes.

Switch: A device that receives packets from its input link, and then sorts them and transmits them over the proper link that connects to the node addressed.

Router: A node that sends network packets in one of many possible directions to get them to their destination.

Layer: Network Components

Application: Gateway

Presentation: Gateway

Session: Gateway

Transport: Gateway

Network: Router

Data Link: Bridge, Switch, intelligent Hub

Physical: Hubs (active, passive)

Basic Security Services

Identification

Enables a node to identify the peer node with which it communicates

Authentication

Enables a node to ensure the identity of the peer node with which it communicates

Authorization

Controls permission to access certain information

Confidentiality

Ensures that certain information is not disclosed to unauthorized entities

Integrity

Guarantees that a message being transferred is never corrupted

Availability

Ensures the survivability of information system / network services

Non-repudiation

Ensures that the origin of an action cannot deny having conducted the action

Security Attacks in the OSI model

Dollar Amount of Losses by Type

CERT

CERT: A team to provide response to computer security incidents on the Internet.

1988: First Computer Emergency Response Team (CERT/CC)
1990’s: AUSCERT and European national CERTs
1990: FIRST - Forum of Incident Response and Security Teams
1995: TF-CSIRT: Task Force for the collaboration of teams in Europe
2005: Hundreds of CERTs around the world

CERT RESEARCH

Concentrates on the technical basis for identifying and preventing compromise of the security of systems/services via the application of precise engineering solutions, automated if possible.

• Difficulties
1) Heterogeneous networks combined to achieve end-to-end capabilities
2) No practical means of effective verification of software with respect to intended behavior
3) Security attributes can change
4) Increasingly sophisticated intrusion strategies of malicious codes
5) Legacy systems

SURVIVABILITY

Survivability is defined as the capability of a system to fulfill its primary mission, in a timely manner, in the presence of attacks, failures and accidents.

SURVIVABILITY

• An effective substitute of classical security measures that require central control.

• Intended for unbounded network environments and covers robustness and continuity of operation after intrusion building on

1) Security
2) Fault Tolerance
3) Safety
4) Reliability
5) Reuse
6) Performance
7) Verification
8) Testing

Types of CERTs

• Internal CSIRTs provide incident handling services to their parent organization.

• Coordination centers coordinate and facilitate the handling of incidents across various CSIRTs.

• Analysis centers focus on synthesizing data from various sources to determine trends and patterns in incident activity.

• Vendor teams are located in software or hardware companies and handle reports concerning vulnerabilities in their products.

• Incident response providers provide incident handling services as a product to other organizations.

Handbook for Computer Security Incident Response Teams

Mission

Mission Statement

Services

Policies

Quality

Operations and procedures

Service Attributes

Handbook for Computer Security Incident Response Teams

Policies

Policies define the governing principles that control the operation of the CERT.

Basic Policies:
• Code of Conduct
• Information Categorization Policy
• Information Disclosure Policy
• Media Policy
• Security Policy
• Human Error Policy

Policies control the services framework

Policies should be:
• Endorsed by management
• Clear
• Concise
• Necessary and sufficient
• Usable
• Implementable
• Enforceable

Quality Assurance

A Quality System should control the operation of the CERT.

A Quality System indicatively includes:
• a number of sets of quality parameters per service, always in relation to the mission statement
• Parameters measurement system
• Quality enforcement system
• Self-validation system
• Quality reporting system

Example parameters:
• Incident response time
• Confidentiality level
• Level of information provided
• Event life cycle

CERT in the Olympic Games

Handbook for Computer Security Incident Response Teams

Incident Analysis

Two general classes of incident analysis adopted for the Olympic Games:

Intra-Incident Analysis

Analysis of the issues concerning a specific incident. The most common types are as follows:
• analysis of any artifacts left by intruder activities (log files, exploits, viruses, Trojan horse programs, toolkits, etc.)
• analysis of the software environment in which the incident took place
• analysis of the web-of-trust within an incident

Inter-Incident Analysis

Analysis of issues concerning relationships across and between incidents, that is, the analysis of the texture of ongoing incidents. This analysis is aimed at finding symmetries between separate incidents that might indicate equivalent or related sources of intruder activity.
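An added example (not part of the original slides) of inter-incident analysis: incidents are grouped when they share artifacts recovered during intra-incident analysis, either directly or through a chain of other incidents. The incident IDs, artifact labels and the `correlate` function are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: incident id -> artifacts recovered during
# intra-incident analysis (addresses are from documentation ranges).
INCIDENTS = {
    "INC-001": {"ip:192.0.2.10", "tool:kit-a", "file:sha256-placeholder-1"},
    "INC-002": {"ip:198.51.100.7", "file:sha256-placeholder-2"},
    "INC-003": {"ip:192.0.2.10", "file:sha256-placeholder-3"},
    "INC-004": {"ip:203.0.113.5", "file:sha256-placeholder-3"},
    "INC-005": {"ip:203.0.113.99"},
}

def correlate(incidents):
    """Group incidents that share artifacts, directly or transitively."""
    parent = {inc: inc for inc in incidents}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    # Index: artifact -> incidents in which it was observed.
    seen_in = defaultdict(list)
    for inc, artifacts in incidents.items():
        for art in artifacts:
            seen_in[art].append(inc)

    # Any artifact seen in two or more incidents links those incidents.
    for incs in seen_in.values():
        for other in incs[1:]:
            parent[find(other)] = find(incs[0])

    clusters = defaultdict(set)
    for inc in incidents:
        clusters[find(inc)].add(inc)

    report = []
    for members in clusters.values():
        if len(members) < 2:
            continue  # isolated incident, nothing to correlate
        shared = sorted(a for a, incs in seen_in.items()
                        if len(incs) > 1 and incs[0] in members)
        report.append((sorted(members), shared))
    return sorted(report)

if __name__ == "__main__":
    for members, shared in correlate(INCIDENTS):
        print(members, "linked by", shared)
```

INC-001 and INC-004 have no artifact in common, yet both end up in the same group because each shares one with INC-003.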

Security Technology - Biometrics

Biometric: Bios = life, Metrikos = metric (measure)

Automatic personal recognition based on the statistical measurement of physiological or behavioral characteristics

• Fingerprint
• Face
• Voice
• Iris
• Hand

• Signature
• Lips movement
• Speech
• Mouse dynamics
• Keystroke analysis

Properties of Characteristics:
• Universal
• Collectable
• Permanent
• Distinctive

Olympic Games Security System

Biometrics intelligent access control system

Since most of the technologies have been tested in the past, focus was given on the biometric component for strong access control.

[Diagram labels: Gate Controller; Controller; Card – Biometric Reader; Smart Card; Encrypted biometric template; Network; DB; Secured channel]

DRAGON

PROPOSAL

Design of Radio-based Anti-terrorist Globally Optimal Network (D.R.A.G.O.N)

CASE STUDY

HONG KONG AND SHANGHAI HARBOR SECURITY

SHANGHAI WORLD’S FAIR 2010

Summary

This system presents an innovative design for an anti-terrorist system for harbor security in an environment of world-class events such as the Olympic Games. It is designed to be applicable for the harbors of Hong Kong and Shanghai for the Olympics of 2008 in Beijing. This system has been coded DRAGON for obvious reasons.

HARBOR SECURITY

D.R.A.G.O.N: Design of Radio-based Anti-terrorist Globally Optimal Network

[Diagram labels: CDSS; IOP; Biometrics; CBRNE (Chemical, Biological, Radiological, Nuclear, Explosives); CCTV; Telemedicine; Routing using chaotic encryption techniques; GSM/UMTS; DVB Satellite; 3D-Surveillance]

HONG KONG SHANGHAI HARBORS